{"title":"用于隐私和互操作的凭证","authors":"V. Jones, N. Ching, M. Winslett","doi":"10.1109/NSPW.1995.492348","DOIUrl":null,"url":null,"abstract":"We consider the problem of providing secure, private access to applications and data in a world-wide distributed client-server environment such as the Internet of the future. In such a system, the set of potential users of a service may extend far beyond the local community knowable to the application providing the service. Applications will not generally have prior knowledge of the individual making a request upon which an access control decision can be based and furthermore, knowledge of an individual's identity may not be directly useful. We frame our discussion in the context of supporting credentials which are submitted with a request, and propose a list of desiderata for such credentials. We evaluate several well-known proposals for credentials, focusing on issues related to privacy and scalability, and then point out the research issues that remain before such schemes can be deployed in a world-wide environment with strong privacy guarantees.","PeriodicalId":111230,"journal":{"name":"Proceedings of 1995 New Security Paradigms Workshop","volume":"56 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1995-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":"{\"title\":\"Credentials for privacy and interoperation\",\"authors\":\"V. Jones, N. Ching, M. Winslett\",\"doi\":\"10.1109/NSPW.1995.492348\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We consider the problem of providing secure, private access to applications and data in a world-wide distributed client-server environment such as the Internet of the future. In such a system, the set of potential users of a service may extend far beyond the local community knowable to the application providing the service. Applications will not generally have prior knowledge of the individual making a request upon which an access control decision can be based and furthermore, knowledge of an individual's identity may not be directly useful. We frame our discussion in the context of supporting credentials which are submitted with a request, and propose a list of desiderata for such credentials. We evaluate several well-known proposals for credentials, focusing on issues related to privacy and scalability, and then point out the research issues that remain before such schemes can be deployed in a world-wide environment with strong privacy guarantees.\",\"PeriodicalId\":111230,\"journal\":{\"name\":\"Proceedings of 1995 New Security Paradigms Workshop\",\"volume\":\"56 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1995-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"16\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of 1995 New Security Paradigms Workshop\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NSPW.1995.492348\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of 1995 New Security Paradigms Workshop","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NSPW.1995.492348","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
We consider the problem of providing secure, private access to applications and data in a world-wide distributed client-server environment such as the Internet of the future. In such a system, the set of potential users of a service may extend far beyond the local community knowable to the application providing the service. Applications will not generally have prior knowledge of the individual making a request upon which an access control decision can be based and furthermore, knowledge of an individual's identity may not be directly useful. We frame our discussion in the context of supporting credentials which are submitted with a request, and propose a list of desiderata for such credentials. We evaluate several well-known proposals for credentials, focusing on issues related to privacy and scalability, and then point out the research issues that remain before such schemes can be deployed in a world-wide environment with strong privacy guarantees.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
